Resubmissions

21-12-2024 23:02

241221-21ca4ssqhy 10

20-12-2024 07:27

241220-jalsratphm 10

Analysis

  • max time kernel
    67s
  • max time network
    70s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240624-en
  • resource tags

    android arch:arm64 arch:x64 image:android-33-x64-arm64-20240624-en locale:en-us os:android-13-x64 system
  • submitted
    21-12-2024 23:02

General

  • Target

    8919f2c84bccb75b94393010ea857a4d28754354cbaf7043f49d47ff89318f7c.apk

  • Size

    7.1MB

  • MD5

    2ee1c7272b7efc3155f00066226643c2

  • SHA1

    86fcca0d8e4778ce3bbda033dbb8e6ae1558b5e1

  • SHA256

    8919f2c84bccb75b94393010ea857a4d28754354cbaf7043f49d47ff89318f7c

  • SHA512

    b6ba882ee7cfd1735779d9438c0c3d0660d726a1e0ec8f392dbe316f162efe3b5bfb06a9caa866624df988cfd9c91ad1c2f3cac8a51dc6edb51c4a9cfd72e128

  • SSDEEP

    196608:RUITvGePB7u5D6jc/WT9ZfGmw1Inj4KB8c8akpPq2s:5TvVkDD/KGmhZB8ekVq2s

Malware Config

Signatures

Processes

  • com.mocereti.fill
    • Loads dropped Dex/Jar
    • Obtains sensitive information copied to the device clipboard
    • Checks the application is allowed to request package installs through the package installer
    • Schedules tasks to execute at a specified time
    • Checks CPU information
    • Checks memory information
    PID:4358

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.mocereti.fill/app_immense/MdIfb.json

    Filesize

    647KB

  • /data/data/com.mocereti.fill/app_immense/MdIfb.json

    Filesize

    647KB

  • /data/data/com.mocereti.fill/app_immense/oat/MdIfb.json.cur.prof

    Filesize

    1KB

  • /data/data/com.mocereti.fill/app_immense/oat/x86_64/MdIfb.vdex

    Filesize

    29KB

  • /data/data/com.mocereti.fill/files/profileInstalled

    Filesize

    24B

  • /data/data/com.mocereti.fill/files/profileinstaller_profileWrittenFor_lastUpdateTime.dat

    Filesize

    8B

  • /data/data/com.mocereti.fill/no_backup/androidx.work.workdb

    Filesize

    112KB

  • /data/data/com.mocereti.fill/no_backup/androidx.work.workdb-journal

    Filesize

    512B

  • /data/data/com.mocereti.fill/no_backup/androidx.work.workdb-shm

    Filesize

    32KB

  • /data/data/com.mocereti.fill/no_backup/androidx.work.workdb-wal

    Filesize

    116KB

  • /data/data/com.mocereti.fill/no_backup/androidx.work.workdb-wal

    Filesize

    418KB

  • /data/data/com.mocereti.fill/no_backup/androidx.work.workdb-wal

    Filesize

    16KB

  • /data/misc/profiles/cur/0/com.mocereti.fill/primary.prof

    Filesize

    1KB

  • /data/misc/profiles/cur/0/com.mocereti.fill/primary.prof

    Filesize

    254B

  • /data/user/0/com.mocereti.fill/app_immense/MdIfb.json

    Filesize

    1.4MB
